Professional Documents
Culture Documents
...... V1l'lT!.
•
RINGLEADER DIGITAL. INC,,' Del......
"' .. nO/ro,
Civil AcOOII No
CLASS AcrlON
:."'=====---
Corponlion. INC ••
PcnnIylnnio Corpomion. CABLE NEWS DfMAND fOR JJ!BY TRIM
NIlTWORK,. Dol ....... C..,.,..,i .... MPN.
INC.o Dol......... Corponlioa. FOX NIlWS
NETWORK. LLC.• 001 C".,......on.
OQ:I MIIDIA, INC.•• Dol C<WjIDrMion.
MI;RRIAM·WIlDS11.'.R.INC.1 Delo_
Corpomion. 'IllA VEL CHANNI!1., u.c.•
Del........ CClfJlOl1ll,on. ond WHI·I'El'AGES.
INC •• Del........ COlJlOfOtion:
---------,
h.... It)' Iftd Ill"""" Ill." 'IlOI1IO)'0, Kornboo'Law. LLC. Iftd tho Lo.. om_ ol' J-" 11
Mollo:r, PC, .. and r", 1IIe. «lfI'lplolnl ond _andj . . trial II)' Jury. oil..,. .. b.Nd on
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 2 of 76
upon information and belief based on the investigation of counsel, which Plaintiffs believe
1. Plaintiffs bring this consumer class action lawsuit pursuant to Federal Rules of
Civil Procedure 23(a), (b)(1), (b)(2), and (b)(3) on behalf of themselves and a class of similarly
situated individual Internet users who were victims of privacy violations and unfair business
practices; wherein their privacy, financial interests, and security rights, were violated by the
(hereinafter referred to as “CNN”), ESPN, Inc., (hereinafter referred to as “ESPN”), FOX News
Network, LLC, (hereinafter referred to as “FOX”), Go2 Media, Inc., (hereinafter referred to as
Channel, LLC, (hereinafter referred to as “Travel Channel”), and WhitePages, Inc., (hereinafter
collectively to as, “Ringleader Digital Affiliates,” to gain unauthorized access to, and
unauthorized use of, Plaintiffs and Class Members’ mobile devices referencing electronic
devices used for communication over a cellular network and include internet and multimedia
capabilities, which include but are not limited to: iPhone, iPad, iTouch and Personal Digital
Assistants (“PDA’s”), with HTML5 client side storage capability; hereinafter referred to
2. Defendants gained unauthorized access to, and unauthorized use of, Plaintiffs and
Class Members’ mobile telephone devices, bypassing the technical and code-based barriers
intended to limit access, in addition to bypassing the Plaintiffs and Class Members’ privacy and
2
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 3 of 76
security settings. Defendants perpetuated this to individually identify Plaintiffs and monitor their
Digital Affiliates, and each knowingly authorized, directed, ratified, approved, acquiesced in, or
participated in conduct, made the basis of this Class action, which included, but was not limited
to, the unauthorized access to, and unauthorized use of the Plaintiffs and Class Members’ mobile
devices.
Affiliate users which would allow access to, and disclosure of, Personal Information (“PI”),
derived from the user’s mobile device, and linked to the user’s device, involving activities,
including but not limited to, users’ activities on Ringleader Digital Affiliates’ websites, which
Defendants accomplished covertly, without actual notice, awareness, consent or choice of its
users, and
mobile phones by embedding a tracking code in each user’s mobile device database to
circumvent users’ browser controls for managing web privacy and security which information
Defendants obtained deceptively, for purposes not disclosed within their Terms of Service and/or
6. The sequence of events related to this action include, but are not limited to the
following:
a) Plaintiffs and Class Members are individuals in the United States who own
mobile devices and use their mobile devices to access websites on the Internet and visited one of
3
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 4 of 76
the Ringleader Digital Affiliate’s websites within the class period. Plaintiff and Class Member
J.N., a minor, age twelve (12) years old, is a minor under, the age of thirteen (13) that visited one
of the Ringleader Digital Affiliates websites within the class period and did not obtain protection
from the Defendant’s act as protected by COPPA, The Children's Online Privacy Protection Act
of 1998 (COPPA), a United States federal law, located at 15 U.S.C. § 6501–6506 (Pub.L. 105-
b) Plaintiffs and Class Members visited the websites of the Defendant Ringleader
Digital Affiliates within the class period and then Defendant Ringleader, acting in concert
individually with Ringleader Digital Affiliates, gained unauthorized access to, and unauthorized
use of, the Plaintiffs and Class Members mobile device, without their notice or consent.
within the Plaintiffs and Class Members’ mobile device to scan, copy and use without notice,
consent, or authority, the Plaintiffs and Class Members mobile device, obtaining mobile device
configuration, a practice not necessary for the placement of persistent cookies for tracking
website visitors, nor an acceptable practice within the industry. While traditional advertisers
access the users’ browser for online tracking, Defendants access involved areas of the Plaintiffs
and Class Members’ mobile devices(s) that involved hardware and software associated with non-
browser activity.
database for use by Defendant Ringleader within the Plaintiffs and Class Members mobile device
which did not previously exist, nor was designed by the manufacturers of the mobile device for
4
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 5 of 76
Ringleader Digital Affiliates, a database for use by Defendant Ringleader Digital Affiliates,
without notice, consent, or authority, an additional unauthorized database on the Plaintiffs and
Class Members mobile device, then downloaded additional tracking code to assist the Defendant
Ringleader’s tracking scheme. Such tracking codes could not easily be detected, managed or
deleted, and provided, in whole or part, the collective mechanism to track Plaintiffs and Class
whole or part, from the Plaintiffs and Class Members’ mobile device properties and “stamped”
the UDID within the Plaintiffs and Class Members’ mobile device, and stored additional data, to
provide a mechanism to back up the mobile device’s Identifier for purposes of restoring it later if
g) Defendant Ringleader then used the Unique Device Identifier within the user’s
database, to re-spawn the user’s Unique Device Identifiers (“UDID’s”) if deleted by the user, by
use, in whole or part, using additional mobile device functions, bypassing Plaintiffs and Class
Members privacy and security settings, denying choice and protection if they cleaned their
the Plaintiffs and Class Members’ mobile devices, by use of its Unique Device Identifiers
(“UDID’s”) embedded in the user’s mobile device, as Plaintiffs and Class Members used their
i) Defendants then copied and used the mobile device data within the Plaintiffs and
Class Members’ mobile devices, after it knowingly accessed, without authorization the Plaintiffs
5
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 6 of 76
and Class Members’ mobile device. Defendants objective was to copy and use the Plaintiffs and
Class Members’ mobile device configuration data, alter or delete previous data, if needed,
although such data now was present in property owned by Plaintiffs and Class Members
derived, in whole or part, from its monitoring the mobile browsing activities of Plaintiffs and
Class Members or specific sites. The personal information Defendants misappropriated and
compiled, with information provided from Ringleader and Ringleader Digital Affiliates includes
details about user profiles to identify individual users and track them on an ongoing basis, across
numerous websites, and tracking users when they accessed the web from different mobile
devices, at home and at work. This sensitive information may include such things as users’ video
viewing choices and personal characteristics such as gender, age, race, number of children,
education level, geographic location, and household income, what the web user looked at and
what he/she bought, the materials he/she read, details about his/her financial situation, his/her
sexual preference, his/her name, home address, e-mail address and telephone number, and even
and Class Members mobile device, including but not limited to, the Plaintiffs and Class
Members’ carrier transactional information which included, but not limited to, “carrier network
IP,” information sought to link location with the Plaintiffs and Class Members since such
persisted across Internet sessions. This provided in whole, or in part, what amounted to a “Trap
“Utilizing the advances in GPS technology, marketers can now determine the
precise location of mobile users—within three feet.”
6
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 7 of 76
“Acuity Mobile Partners with AlphaTrek to Provide Advanced Location Targeting for Mobile
Marketing Clients; Expands Patent Portfolio,” 22 Apr. 2008, online:
http://www.acuitymobile.com/docs/Press04222008.php (last accessed October 2010)
“The whole focus has been on layering GPS in virtually any type of content, and taking
that location awareness down to the content level,” Bob Walczak, Ringleader Digital's founder
and CEO, said during a panel. The company's ad servers act like decision engines, figuring out
when and what advertising messages to send to individuals based on ad category, time of day,
the user's GPS-derived location and search query keywords they may have entered.
l) Defendant Ringleader Digital Affiliates did not provide Plaintiffs and Class
Members information within its privacy policies concerning its affiliation with Defendant
Ringleader, information related to the extent of its tracking, made the basis of this action, nor
unable to delete the Ringleader database from within their mobile device
to cease all tracking. Those that located the Ringleader’s website were
advised, “Do not just delete cookies or the database in your device.”
m) Plaintiffs and Class Members involved with the Defendants were harmed by its
practices including but not limited to, incurred time and costs to repair their mobile device,
damage to their mobile devices, and limitation to functionality of their mobile devices.
7
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 8 of 76
7. Defendants then used third party analytics software to process any and all data
derived from all sources, acts that also violates the Plaintiffs and Class Members’ mobile device
manufacturer’s agreement:
“3.3.9 You and Your Applications may not collect, use, or disclose to any third party,
user or device data without prior user consent, and then only under the following conditions:
or function that is directly relevant to the use of the Application. For example,
without Apple's prior written consent, You may not use third party analytics
software in Your Application to collect and send device data to a third party for
whose primary business is serving mobile ads (for example, an advertising service
not qualify as independent); and the disclosure is limited to UDID, user location
data, and other data specifically designated by Apple as available for advertising
purposes.”
8. Plaintiffs and Class Members that became aware that Defendant Ringleader had
created a database, and deleted the databases to cease any and all tracking, had the tracking
device re-spawn. The failure of Defendants to provide the user notice of its tracking mechanism
within their mobile devices allowed a perpetual re-spawning, creating in effect: “Zombie
Databases.”
8
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 9 of 76
9. Venue is proper in this District under 28 U.S.C. §1391(b) and (c) against
Defendants. A substantial portion of the events and conduct giving rise to the violations of law
complained of herein occurred in this District and Defendants conducts business with consumers
in this District. Defendant Ringleader’s principle executive offices and headquarters are located
in this District at 286 Fifth Avenue, 6th Floor, New York, NY 10001.
10. Subject-matter jurisdiction exists in this Court related to this action pursuant to 28
U.S.C. § 1332. The aggregate claims of Plaintiffs and the proposed Class Members exceed the
11. Venue is proper in this district and vests jurisdiction in the New York state and
federal courts in the district of the location of their principal corporate place of businesses. Thus,
mandatory jurisdiction in this U.S. District Court vests for any Class Member, wherever they
reside, for the mobile device activity made the basis of this action which occurred within the
United States. The application of the law of the State of New York should be applied to any
mobile device activity made the basis of this action anywhere, within the United States, as if any
and all activity occurred entirely in New York and to New York resident. Thus, citizens and
residents of all states are, for all purposes related to this instant Complaint, similarly situated
with respect to their rights and claims as New York residents, and therefore are appropriately
included as members of the Class, regardless of their residency, or wherever the mobile device
York. Plaintiffs assert claims on behalf of a proposed class whose members are scattered
throughout the fifty states and the U.S. territories; there is minimal diversity of citizenship
9
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 10 of 76
between proposed Class Members and the Defendants. The aggregate of these claims exceed the
a. Ringleader
b. FOX
13. This Court has personal jurisdiction over the Defendants listed in this paragraph
because each of the listed defendants maintains its corporate headquarters in, and the acts alleged
14. The following corporations are citizens of states other than New York, however
each of the acts upon which liability is alleged herein were committed by the corporations listed
a. AccuWeather
b. CNN
c. ESPN
d. Go2 Media
e. Merriam-Webster
f. Travel Channel
g. WhitePages
proper in the Court, since Defendant is a corporation headquartered in this District, and Plaintiffs
include citizens and residents of this District, and assert claims on behalf of a proposed Class
whose members are scattered throughout the fifty states and the U.S. territories; thus there is
minimal diversity of citizenship between proposed Class Members and the Defendant.
10
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 11 of 76
16. This is the judicial district wherein the basis of the conduct complained of herein
involving the Defendants was devised, developed, implemented. The actual interaction of
information and data was activated from, and transmitted to and from this District; therefore all
PARTIES
17. Plaintiff Andrew Hillman (“Hillman”), is a citizen and resident of Dallas, Texas,
(Dallas County). On information and belief, Hillman incorporates all allegations within this
complaint. At all relevant times herein, Hillman owned a mobile device, used that mobile device,
on one or more occasions during the class period, in the city of residence, to access the internet
sites of one (1) or more Defendant Ringleader Digital Affiliates’ website(s), as noted in section a
below, which resulted in Defendants gaining unauthorized access to, and unauthorized use of,
AccuWeather, Inc., and registered to: AccuWeather, Inc., 385 Science Park Road,
b.
18. Plaintiff Marissa Dean (“Dean”), is a citizen and resident of Waco, Texas,
(McLennan County). On information and belief, Dean incorporates all allegations within this
complaint. At all relevant times herein, Dean owned a mobile device, used that mobile device, on
11
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 12 of 76
one or more occasions during the class period, in the city of residence, to access the internet sites
of one (1) or more Defendant Ringleader Digital Affiliates’ website(s), as noted in section a
below, which resulted in Defendants gaining unauthorized access to, and unauthorized use of,
b.
19. Plaintiff Dawn Harbin (“Harbin”), is a citizen and resident of Burleson, Texas,
(Burleson County). On information and belief, Harbin incorporates all allegations within this
complaint. At all relevant times herein, Harbin owned a mobile device, used that mobile device,
on one or more occasions during the class period, in the city of residence, to access the internet
sites of one (1) or more Defendant Ringleader Digital Affiliates’ website(s), as noted in section a
below, which resulted in Defendants gaining unauthorized access to, and unauthorized use of,
12
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 13 of 76
b.
20. Plaintiff Stephanie Owens (“Owens”), is a citizen and resident of Dallas, Texas,
(Dallas County). On information and belief, Owens incorporates all allegations within this
complaint. At all relevant times herein, Owens owned a mobile device, used that mobile device,
on one or more occasions during the class period, in the city of residence, to access the internet
sites of one (1) or more Defendant Ringleader Digital Affiliates’ website(s), as noted in section a
below, which resulted in Defendants gaining unauthorized access to, and unauthorized use of,
News Network, LLC, and registered to: Twentieth Century Fox Film Corporation,
domain name owned by Defendant FOX News Network, LLC, and registered to:
13
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 14 of 76
b.
Texas, (Burleson County). On information and belief, Groeneweg incorporates all allegations
within this complaint. At all relevant times herein, Groeneweg owned a mobile device, used that
mobile device, on one or more occasions during the class period, in the city of residence, to
access the internet sites of one (1) or more Defendant Ringleader Digital Affiliates’ website(s),
as noted in section a below, which resulted in Defendants gaining unauthorized access to, and
unauthorized use of, Groeneweg’s mobile device, by Defendants as noted in section b below:
domain name owned by Defendant Travel Channel, LLC, and registered to: The
b.
22. Plaintiff Billy Gueringer (“Gueringer”), is a citizen and resident of Waco, Texas,
(McLennan County). On information and belief, Gueringer incorporates all allegations within
this complaint. At all relevant times herein, Gueringer owned a mobile device, used that mobile
14
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 15 of 76
device, on one or more occasions during the class period, in the city of residence, using their
mobile device to access the internet sites of one (1) or more Defendant Ringleader Digital
unauthorized access to, and unauthorized use of, Gueringer’s mobile device, by Defendants as
b.
23. Plaintiff Maulik Parikh (“Parikh”), is a citizen and resident of Colleyville, Texas,
(Tarrant County). On information and belief, Parikh incorporates all allegations within this
complaint. At all relevant times herein, Parikh owned a mobile device, used that mobile device,
on one or more occasions during the class period, in the city of residence, to access the internet
sites of one (1) or more Defendant Ringleader Digital Affiliates’ website(s), as noted in section a
below, which resulted in Defendants gaining unauthorized access to, and unauthorized use of,
Network, and registered to: Turner Broadcasting System, Inc., One CNN Center,
15
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 16 of 76
b.
24. Plaintiff Richard Weiner (“Weiner”), is a citizen and resident of Dallas, Texas,
(Dallas County). On information and belief, Weiner incorporates all allegations within this
complaint. At all relevant times herein, Weiner owned a mobile device, used that mobile device,
on one or more occasions during the class period, in the city of residence, to access the internet
sites of one (1) or more Defendant Ringleader Digital Affiliates’ website(s), as noted in section a
below, which resulted in Defendants gaining unauthorized access to, and unauthorized use of,
AccuWeather, Inc., and registered to: AccuWeather, Inc., 385 Science, Park
b.
25. Plaintiff Steve Williams (“Williams”), is a citizen and resident of Dallas, Texas,
(Dallas County). On information and belief, Williams incorporates all allegations within this
complaint. At all relevant times herein, Williams owned a mobile device, used that mobile
16
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 17 of 76
device, on one or more occasions during the class period, in the city of residence, to access the
internet sites of one (1) or more Defendant Ringleader Digital Affiliates’ website(s), as noted in
section a below, which resulted in Defendants gaining unauthorized access to, and unauthorized
owned by Defendant ESPN, Inc., and registered to: ESPN, Inc., 935 Middle
b.
(McLennan County). On information and belief, Gueringer incorporates all allegations within
this complaint. At all relevant times herein, Gueringer owned a mobile device, used that mobile
device, on one or more occasions during the class period, in the city of residence, to access the
internet sites of one (1) or more Defendant Ringleader Digital Affiliates’ website(s), as noted in
section a below, which resulted in Defendant Ringleader gaining unauthorized access to, and
unauthorized use of, Gueringer’s mobile device, by Defendants as noted in section b below:
17
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 18 of 76
b.
27. Plaintiff Semyon Narosov (“Semyon N.”), is a citizen and resident of Dallas,
Texas, (Dallas County). On information and belief, Semyon N. incorporates all allegations
within this complaint. At all relevant times herein, Semyon N. owned a mobile device, used that
mobile device, on one or more occasions during the class period, in the city of residence, to
access the internet sites of one (1) or more Defendant Ringleader Digital Affiliates’ website(s),
as noted in section a below, which resulted in Defendants gaining unauthorized access to, and
unauthorized use of, Semyon N.’s mobile device, by Defendants as noted in section b below:
Network, and registered to: Turner Broadcasting System, Inc., One CNN Center,
domain name owned by Defendant FOX News Network, LLC, and registered to:
18
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 19 of 76
b.
28. Plaintiff J.N. (“Jenna N.”), a minor, age twelve (12) years old, is a citizen and
resident of Dallas, Texas, (Dallas County). On information and belief, Jenna N. incorporates all
allegations within this complaint. At all relevant times herein, Jenna N. owned a mobile device,
used that mobile device, on one or more occasions during the class period, in the city of
residence, to access the internet sites of one (1) or more Defendant Ringleader Digital Affiliates’
access to, and unauthorized use of, Jenna N.’s mobile device, by Defendants as noted in section b
below:
AccuWeather, Inc., and registered to: AccuWeather, Inc., 385 Science, Park
Defendant FOX News Network, LLC, and registered to: Twentieth Century Fox
registered to: Go2 Directory Systems, 133 Federal Street, Fifth Floor, Boston,
19
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 20 of 76
name owned by Defendant WhitePages, Inc., and registered to: WhitePages, Inc.,
b.
New York, a privately owned corporation, doing business online, using domains which include,
but not limited to: Ringleader.com (hereinafter referred to as “Ringleader”), which maintains its
headquarters at 286 Fifth Avenue, 6th Floor, New York, NY 10001. Defendant Ringleader
Digital, Inc., does business throughout the United States, and in particular, does business in State
provider, delivering the online equipment of ad serving technology and functionality to the
31. Ringleader’s “Privacy Policy,” dated March 3, 2009, (last accessed September 30,
2010), states in part: “What we collect. Our Media Stamp technology tells us that we have
encountered your mobile device at some point (e.g., when you viewed one of our participating
web site’s ads). We collect non-personally identifiable information from your device, such as
20
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 21 of 76
Carrier IP addresses, the request url (the URL that requests the ad which can contain within it
information such as your zip code, state, and country, if passed on to us by our publisher
partners), as well as http headers from the ad requests coming from participating websites. These
headers can contain standard data such as the types of file formats supported by your device,
whether or not content can be cached on your device, and the referring URL (i.e. the url of the
otherwise as required or permitted by law, including but not limited to in response to court orders
and subpoenas. We also may disclose information in connection with investigations, for example
if we believe in good faith it is necessary in order to investigate, prevent, or take action regarding
illegal activities, suspected fraud, situations involving potential threats to the physical safety of
32. Ringleader’s “Privacy Policy,” dated March 3, 2009, (last accessed September 30,
2010), as it relates to its use of a Unique Device ID (“UDID”) an unknown tracking device, as
privacy settings to opt-out of any unauthorized access within their mobile device, such as
deleting the RLDGUID targeting, which created a mechanism to “target in perpetuity,” is best
21
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 22 of 76
33. Ringleader’s “Terms of Use,” dated March 3, 2009, (last accessed September 30,
2010), as it relates to the “transparency” of the RLDGUID tracking “stamp”, is best described by
the following:
“The stamp is located in [Web site code],” he says. “They would have to take
down the mobile Web to get at it.”
http://www.forbes.com/2008/11/06/mobile-cookies-advertising-tech-wire-
cx_ew_1106cookies.html
• In regard to a user’s ability to use their security settings to delete or “lose” the
“There is no way to lose the cookie,” says Walczak. “Even if you hard reset your
phone, the stamp can persistently identify it.”
34. Elizabeth Woyke, “Cookies For Your Cellphone” (last accessed September 28,
cx_ew_1106cookies.html
corporation which maintains its headquarters at 385 Science Park Road, State College, PA
16803. Defendant AccuWeather does business throughout the United States, and in particular,
• “We provide local forecasts for everywhere in the United States and over two
million locations worldwide. We also provide our products and services to more than 175,000
37. Defendant AccuWeather has derived online access to any and all previous privacy
policies for the period of this Class Action. This Discovery shall be required to compare all
22
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 23 of 76
privacy policies within the class period. AccuWeather’s “Privacy Policy,” dated October 1, 2010
• “Vendors and Third Party Providers. To make the AccuWeather Sites more
valuable to our customers and our visitors, we may offer some products, services or features in
conjunction with Providers. Many wireless products, for example, may be made available
through cooperative arrangements with Providers who offer specialized products, information or
services that work well with AccuWeather Sites, products and services. In some instances, our
Providers may have the same access to your PII as we do. Their use of the information will be
subject to the terms of their respective privacy policies or statements, which you may find on
their websites.
- We use third-party advertising companies to serve ads when you visit the
AccuWeather Site(s). These companies may use information about your visits to this and
other Web sites in order to provide advertisements about goods and services of interest to
you. If you would like more information about this practice and to know your choices
about not having this information used by these companies, click here:
policies of our Providers to find out more about technologies utilized by them in the
course of providing services to the AccuWeather Sites. Some of these Providers are as
follows:
http://ringleaderdigital.com/privacy-policy
23
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 24 of 76
utilize flashcookies/HTML5 software and/or local storage and/or mini databases in conjunction
with the use of the sites and the targeting of advertising to the users of the AccuWeather sites.
Many hand held mobile devices use these technologies in conjunction with the mobile browsers
on the devices. Many mobile devices use these technologies which allow for the storage of
information on the mobile devices and, in effect, allow the enhancement of internet browsing as
well as other uses including but not limited to targeting advertisements. The
user's web browsing movements across the internet and not just on one particular website.
AccuWeather and its providers may utilize one or more of these technologies and others on the
AccuWeather Sites(s).”
38. Defendant’s AccuWeather’s “most recent” privacy policy still fails to provide
adequate information regarding the extent of the Defendants actions, made the basis of this
action.
corporation which maintains its headquarters at One CNN Center, Atlanta, GA 30303. Defendant
CNN does business throughout the United States, and in particular, does business in State of
delivery.”
41. CNN’s “Privacy Policy,” dated May 20, 2009 (last accessed October 15, 2010),
states in part:
24
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 25 of 76
• “We may on occasion combine information we collect through our sites with
Cookies are text files placed in your computer's browser to store your preferences. Cookies do
not contain personally identifiable information; however, once you choose to furnish a site with
personally identifiable information, this information may be linked to the data stored in the
cookie.”
• “We, our third party service providers, advertiser or our partners may also use
"web beacons" or clear .gifs, or similar technologies, which are small pieces of code placed on a
web page, to monitor the behavior and collect data about the visitors viewing a web page. For
example, web beacons may be used to count the users who visit a web page or to deliver a cookie
42. Defendant CNN’s Privacy Policy fail to reference its association with Ringleader
Digital Inc.
maintains its headquarters at 935 Middle St., Bristol, CT 06010. Defendant ESPN does business
throughout the United States, and in particular, does business in State of New York and in this
judicial district.
25
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 26 of 76
45. ESPN’s “Privacy Policy,” dated May 6, 2008 (last accessed October 15, 2010),
states in part: “does not provide the identity of all associated advertising networks nor all
46. Defendant ESPN’s Privacy Policy fail to reference its association with Ringleader
Digital Inc.
corporation which maintains its headquarters at 1211 Avenue of the Americas, New York, NY
10036. Defendant FOX, does business throughout the United States, and in particular, does
48. FOX’s website, http://www.foxnews.com, its business best described as: “Fox
News Channel (FNC), commonly referred to as Fox News or Fox, is a cable and satellite
television news channel owned by the Fox Entertainment Group, a subsidiary of News
Corporation. As of April 2009, it is available to 102 million households in the United States and
further to viewers internationally, broadcasting primarily out of its New York City studios.”
49. FOX’s “Privacy Policy,” dated January 8, 2009 (last accessed October 15, 2010),
states in part:
• “Third party advertisements displayed on FOX’s sites may also contain cookies
set by Internet advertising companies or advertisers. FOX does not control these advertiser
cookies and visitors to our web site(s) should check the privacy policy of the Internet advertising
• “FOX may use cookies and similar tools to relate your use of our web site(s) to
PII obtained from you or a reputable third party. For example, if you’ve asked us to provide you
26
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 27 of 76
information about our upcoming products or promotions, cookie and/or click stream data about
your activities on FOX web sites may allow us to limit the materials we provide you to items we
think you will find interesting, based on your prior online activities and preferences. However, if
FOX wishes to combine your personal and cookie and click stream information in this manner,
50. Defendant FOX’s Privacy Policy fail to reference its association with Ringleader
Digital Inc.
51. Defendant Go2 Media, Inc. (hereinafter “Go2 Media”), is a Delaware corporation
which maintains its headquarters at 10 High Street, Tenth Floor, Boston, MA 02110. Defendant
Go2 Media, does business throughout the United States, and in particular, does business in State
media connects mobile publishers, local audiences and advertisers through content and location-
based advertising.
different than ours. Visitors should consult the other sites’ privacy policies, as we have no
control over information that is submitted to or collected by websites that are not our own.”
• “In the course of serving advertisements to the go2.com site, our third-party
advertising companies may place or recognize a unique “cookie” on your mobile phone’s
browser.”
54. Defendant Go2 Media’s Privacy Policy fail to reference its association with
27
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 28 of 76
01102. Defendant Merriam-Webster, does business throughout the United States, and in
particular, does business in State of New York and in this judicial district.
business as: “For more than 150 years, in print and now online, Merriam-Webster has been
57. Merriam-Webster’s “Privacy Policy,” dated September 27, 2010 (last accessed
target the advertisements, promotions, and other marketing messages that you may see on
various Web pages, to conduct research about such advertisements, promotions, and other
marketing messages, and to analyze visits to this and other Web sites. To do this, such third-
party providers may collect anonymous data through the use of cookies, beacons, and by other
means.”
58. Defendant Merriam-Webster’s Privacy Policy fail to reference its association with
corporation which maintains its headquarters at 5425 Wisconsin Avenue, Suite 500, Chevy
Chase, MD 20815. Defendant Travel Channel does business throughout the United States, and in
particular, does business in State of New York and in this judicial district.
28
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 29 of 76
as a: “Travel Channel is available in more than 95 million US cable homes, and its high-
definition simulcast, Travel Channel HD™ is distributed to more than 17 million. The website,
TravelChannel.com, which serves as the network’s entertainment travel hub, averages more than
2 million unique users monthly and its mobile content platform, Travel Channel GO™, is a
leading provider of quality mobile travel video and audio content. Travel Channel also manages
61. Travel Channel’s “Privacy Policy” dated December 10, 2009 (last accessed
October 15, 2010), states in part: provides a link regarding opt-out of behavioral tracking to NAI,
62. Defendant Travel Channel’s Privacy Policy fail to reference its association with
corporation which maintains its headquarters at 1301 Fifth Ave, Suite 1600, Seattle, WA 98101.
Defendant WhitePages does business throughout the United States, and in particular, does
“WhitePages is your go-to source for the most reliable contact information online for the U.S.
With one-click access to over 200 million adults and more than 15 million businesses, we make
65. WhitePages’ “Privacy Policy,” dated September 20, 2010 (last accessed October
• “There are several categories of information that we may collect from you:
29
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 30 of 76
• Public Information
• Imported Contacts and Uploaded Files (excluding any Public Information)
• Private Information
• Search Information
• General Information”
66. Defendant WhitePages’ Privacy Policy fail to reference its association with
67. Ringleader Terms of Use and Privacy Policy relate only to individuals that access
its website by choice and with actual notice, which excludes any method or means involving
68. The conduct of Ringleader individually and in concert with the Ringleader Digital
Affiliates, individually and jointly, is a fraud that has been perpetrated for years, facilitated, and
coordinated, by some of the world’s largest websites and the network advertising industry,
thereby costing the Class upwards of tens of millions of dollars. Defendant has been
their gross misconduct, negligence, apparent coordination, and actual fraud, and violating one (1)
describe “associations,” misleading the users which interpret such to be associated corporate
subsidiaries, withholding accurate information that such includes other entities than advertising
networks, such as: advertising networks, data exchanges, traffic measurement service providers,
30
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 31 of 76
70. Defendant Ringleader and Ringleader Digital Affiliates’ websites, and its tracking
services, are owned by parent companies that have many subsidiaries and fail to provide
adequate information about third-party information sharing, different than affiliate sharing,
which is subject to more restrictions, including opt-in or opt-out consent requirements. These
restrictions are based upon the heightened risk associated with sharing information with
unrelated entities, which have different incentives than the entity that collected the user data.
71. Defendant Ringleader and Ringleader Digital Affiliates do not make adequate
distinctions between sharing with affiliates, contractors, and third parties, instead, vaguely
stating that they do not share user data with unrelated third parties and vaguely disclosing that
they share data with affiliates. Users must interpret an affiliate to be a third party, but given the
actual usage of these terms of Ringleader Digital Affiliates’ privacy policies, that assumption
would be mistaken.
72. Defendant Ringleader and Ringleader Digital Affiliate users are unable to identify
the corporate families to which these Defendant websites belong; which makes it difficult for a
user to discover exactly who such associated entities are, thus their practices are deceptive. A
consumer acting reasonably in the circumstances, to the consumer’s detriment. The conflicting
statements in the privacy policies would most likely confuse or mislead a reasonable consumer.
The confusion would also likely be to their detriment, as surveys indicate that users do not want
discuss that the data collection practices of entities associated with their corporations are outside
the coverage of their privacy policies. This appears to be an attempt to create a critical loophole
31
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 32 of 76
used by Ringleader Digital Affiliates compounding their attempts to violate the privacy
74. Defendant Ringleader and Ringleader Digital Affiliates’ privacy documents fail to
provide adequate notice that Defendant Ringleader and Ringleader Digital Affiliates allow
access to personal behavioral data of their users, including but not limited to, such data
embedded with their cookies, to Ringleader, which in turn shares the data with its marketing
partners or corporate affiliates and subsidiaries, meaning that user behavior will be profiled by
any other entities with whom those sites may choose to share this information. Defendant
Ringleader and Ringleader Digital Affiliates state they do not share data with third parties, but
they do share data with affiliates, suggesting that they only share data with companies under the
referenced the use of cookies, but state such is used only for audience measurement and not
behavioral ad-targeting. The opt-out is inconspicuous on their privacy page and appears in a
not expressly state that if a Ringleader Digital Affiliate user opts-out that behavioral information
will not be collected and shared, but only that the Defendant Ringleader and Ringleader Digital
Affiliate user will not receive Internet based advertising content from its “advertising delivery
service”; moreover its opt-out “unique cookie value” includes identifying information which
falsely imply some level of protection for the user. Defendant Ringleader and Ringleader Digital
32
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 33 of 76
Affiliates’ privacy documents are sufficiently vague so as to refrain from fully disclosing
information to their users about what information is collected through their websites and their
associated entities, how the information is used, and the purposes for the collection and use of
this information, negating the possibility for their users to provide informed and meaningful
consent to these practices. Without adequate notice and informed and meaningful user consent,
users had no control over their personal information, thus, the potential privacy dangers were not
require college-level reading skills for comprehension and include substantial legalese,
ambiguous and obfuscated language designed to confuse, disenfranchise, and mislead the users.
incorporate a multitude of hedging and modality markers so as to minimize their use of covert
surveillance technology and data-gathering tools, while sending mixed messages related to
privacy controls, advising users that choosing to exercise such controls would cause in whole, or
part, diminished functionality of their websites, while such documents emphasize all cookies are
very small, thus unobtrusive, and pose no threat since “many websites use them.”
80. Defendant Ringleader and Ringleader Digital Affiliates’ privacy documents fail to
adhere to an adequate notice and choice regime, predicated on user choice, and informed by
privacy policies. Defendant Ringleader and Ringleader Digital Affiliates’ privacy documents
provided nuanced situations that created conditional yes or no answers to these basic questions
about a site’s data collection and sharing practices, thus it is unclear how an average user could
ever understand these practices since the nuances were not explained in the privacy policy.
33
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 34 of 76
carefully attempt to parse the definitions of phrases related to their tracking activity. Their
privacy documents are more nuanced than such categorized analysis allows for, omitting any
direct reference to cookies, embedding any and all purposes for its use of surveillance
technology into the user’s mobile device hardware, use of user’s mobile device hardware to store
data, use of technology to allow the perpetual mobile device tracking and surveillance of any and
all mobile device Internet activity of the Ringleader Digital Affiliate user as evidenced by the
attempt to hide its covert activity by referring to their use of “other technologies,” or “similar
technologies” to cookies and web beacons, in lieu of cookies which would have perpetual
82. Defendant Ringleader and Ringleader Digital Affiliates’ privacy documents fail to
provide notice that their data storage practices as they relate to the period for which user data is
verbiage was deceptive by design. This deception is especially troubling when compared with
the obligation imposed upon their mobile device visitors to download, read, and comprehend the
vast amount of documents required to protect one’s mobile device privacy, complicated by the
Digital Affiliates websites privacy documents, its users would be required to locate and do the
same for the website for the Ringleader, and repeat this obligation. To accentuate the
improbability of completing this task though, Ringleader Digital Affiliates website visitors were
34
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 35 of 76
85. Ringleader Digital Affiliates’ users’ mobile device privacy protection was
premised upon imposed requirement to download, read, and comprehend the accumulation of all
86. A millisecond was the time allotted for the Plaintiffs and Class Members opening
knowledge, its actions were unauthorized, accessed Plaintiffs and Class Members mobile device,
without their awareness, knowledge or consent to such actions. Such occurred without the
benefit of being advised of the association between Defendant Ringleader Affiliates and
Defendant Ringleader, provided adequate time to access, read, and comprehend the Terms of
Service/Use and Privacy Policy for Ringleader Digital Affiliates’ website, and Ringleader. While
only the most technical savvy mobile device users were familiar with cookies, a finite amount of
individuals even knew about “GUID”, let alone could possibly comprehend the technical aspects
STATEMENT OF FACTS
A. Background
87. This consumer class action involves a pattern of covert mobile device
surveillance. The Defendant Ringleader, operated individually and in concert with Ringleader
Digital Affiliates to access and use consumers’ mobile device and information obtain from users’
mobile devices.
Global Unique Identifier (“GUID”) within the user’s mobile device’s database. The GUID
35
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 36 of 76
functioned as a unique and persistent identifier use by Defendants to track users’ mobile web-
browsing activities.
90. In addition, Defendants used the GUID to defeat users’ control of their mobile
devices, in that Defendants stored the GUID on users’ devices in a way that could not reasonably
be detected, and so that the GUID could be used to restore Ringleader’s persistent tracking
91. The objective of this scheme included, but was not limited to, the interception of
the mobile devices’ properties and the carrier properties and users’ web-browsing activities, in
order to harvest the consumers personal information from mobile device browsing activities.
B. Mobile Tracking
92. There are basically two approaches to collecting web analytics data. The first,
“page tagging,” uses a small bit of JavaScript code placed on each web page to notify a third-
party server when a page has been viewed by a web browser. Etags can be used in place of
cookies. They are a part of caching in HTTP: The server sends the user the tag, and when the
user accesses the resource again their web browser sends the tag back. The server uses the tag the
browser sent to decide whether to send the user the data or provide data to the browser that the
93. The second and more traditional approach to web analytics is “log file analysis”,
where the log files that Web servers use to record all server transactions are also used to analyze
website traffic.
94. The technological barriers in the area of mobile analytics concern data collection,
since not all mobile barriers execute JavaScript so collection of analytic data is not obtained
across all devices, and its inability to obtain unique visitor identification. IP addresses on mobile
36
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 37 of 76
browser can change as they switch from tower to tower and many mobile devices will take the IP
address if the gateway making all the devices look like the same “person.”
identifier used in software applications to provide a unique reference number, into mobile
96. All advertising seeks "state maintenance" or the idea that the
person/browser/phone that saw the ad preforms some later activity. Because most phones don't
support fully functional browsers, they also don't support the "Cookie:" header, thus not
obtaining “uniqueness,” necessary to obtain “state maintenance.” Obtaining the user’s IP address
won’t work because most mobile phones don't have a public IP address. They access the web
through Network Address Translation at the carrier, meaning that many phones are seen by the
entire web as all one IP. Some mobile devices though use the x-up-subno header which is not
only a unique number to which anything may be linked, and with some carriers, the number itself
directly contains most of a phone number. Unlike traditional cookies a user has no choice
whatsoever here. A user can't opt-out, since it is always sent. It can't be deleted since it always
stays the same. A user cannot use a block cookies tool, as they would in a browser since it is hard
coded into a user’s phones software. Mobile Advertising benefits from user’s lack of knowledge
97. Mobile Internet advertising currently consists of streaming graphic files, in real
time, into content rendered by a user's mobile device browser. Image and text call to action
advertising tags are embedded in the content at a publisher's content management system. This
occurs prior to delivery of the actual content to the user over the wireless network. Current
mobile practice for many of the server side include ad serving systems, so as to log delivery of
37
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 38 of 76
user impressions when the ad tags are transmitted from the ad server, across the Internet to the
98. Mobile advertising systems also lacks reliable browser cookies while traditional
online advertising relies on the use browser cookies, implementations inherent in conventional
implementations of mobile ad serving have effectively prevented mobile advertising from being
effective. Moreover, the deficiencies inherent in all known mobile advertising techniques have,
99. Mobile phone devices are nearly always specific to one user, whiile computers
may have multiple users. Parents desiring their children to possess mobile devices for security
are not aware their children are being “commercially stalked.” The fact that mobile phone
devices provide access to real time context of location, presence, and device capabilities,
combined with multiple communication capabilities of voice, SMS, email and browsing allows
exploitation of all parties, including minors, by mobile advertisers. The result is that minor
children are using mobile devices and unknown parties know their location, in addition to the
ultimate details of their lives. Class representative Semyon Narosov noting his concerns,
reproduced literatim without [sic], regarding his minor children, including J.N.J.N., a minor,
aged twelve (12) years of age, being “commercially stalked” in general, but not case specific:
38
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 39 of 76
and private information that should be protected. When did that became a norm
sell the information where the 10 or 12 years old girl having a slumber party?
details noted within the patent’s abstract, and a schematic diagram relating to a “Device
Identification Request,” which is the same or similar technology used by Defendant Ringleader
Digital Inc., made the basis of this action. This application claims the benefit of U.S. Provisional
Patent Application Ser. No. 61/091,816, filed Aug. 26, 2008, entitled, “MOBILE COOKIE
ARCHITECTURE.” Such patent also includes the following entry in the transaction history:
39
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 40 of 76
40
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 41 of 76
102. Plaintiffs and Class Members purchased specific mobile devices for a multitude
of reasons which include the benefits of its privacy and security protections, as exemplified by
“Safe and secure by design. iOS 4 is highly secure from the moment you turn on
your iPhone. All apps run in a safe environment, so a website or app can’t access
data from other apps. iOS 4 supports encrypted network communication to
protect your sensitive information. Optional parental controls let you manage
iTunes purchases, Internet browsing, and access to explicit material. To guard
your privacy, apps requesting location information must get your permission first.
You can set a passcode lock to prevent unauthorized access to your phone and
configure iPhone to delete all your data after too many unsuccessful passcode
attempts. And in the event your iPhone is lost or stolen, a MobileMe membership
allows you to find your iPhone on a map and remotely delete all data.3 If you get
it back, you can restore everything from your last backup.”
Apple iPhone, “The world’s most advanced mobile operating system,” (last accessed October 15,
2010), online: http://www.apple.com/iphone/ios4/
41
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 42 of 76
103. The iPhone provides a global control that allows a user to control location
tracking, set by default in the off position. In regard to cookies, this mobile device includes a
default setting that cookies will only be accepted by websites “visited.” This would negate the
settings of cookies set by “non-visited” sites, such as Defendant Ringleader, a “third party”
advertising network, which was not visited by Plaintiffs and Class Members, iPhone users are
also provided the ability to clean history, cookies and cache. The benefits of the privacy and
security protection provided by the iPhone represents a common benefit for mobile devices, and
104. Defendant Ringleader knew that mobile devices would block third party cookies
by default, and Plaintiffs and Class Members who attempted to block cookies, relied on such
privacy and security protections. Defendant Ringleader implemented a plan, using its
technology, to bypass properties within the mobile device of the Plaintiffs and Class Members,
ignoring their privacy and security choices, with the intent to have unauthorized access to, and
unauthorized use of the Plaintiffs and Class Members mobile devices, and exemplified by “No-
105. Defendants unauthorized access to the Plaintiffs and Class Members mobile
device is evidenced, in whole or part, by either its use of the “No-Path 756” and “Yes-Path 757,”
noted within the section referenced: “Device Identification Request,” Patent Application
20100057843. “Yes- Path 757” relates to the path followed if the user’s device accepts cookies
while “No-Path 756” relates to the path followed if cookies are not allowed by the mobile
device.
106. Plaintiffs and Class Members that allowed cookies from first party websites, but
not third party entities like Defendant Ringleader, and cleared their mobile devices of cookies,
42
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 43 of 76
history, and cache, had their privacy and security choices thwarted by Defendants who re-
initialized to zero the first time set before verifying the end device supports cookies. If cookies
are supported this value will be set with the "NAME" property above as a way to distinguish first
time visitors from previous visitors already in the database. It should be appreciated that
although cookies are implemented in accordance with the present invention, the present
invention allows for unique identification of client devices in all cases, regardless of whether or
not cookies are supported by the client device. Not all client device support cookies, e.g., less
than 50% devices support cookies from our analysis of past campaigns. From a scalability and
performance perspective, for those client devices that do support cookies there is no database
search required rather the cookie becomes the direct index to the device profile, so if the present
system is capable of setting and reading a cookie in the client device, it behooves us to take
advantage of that fact, but for those that don't we have other discriminators we use to search the
database for a previous profile for the device. If someone clears their cookies we can still
107. Defendants’ unauthorized access to the Plaintiffs and Class Members’ mobile
devices was accomplished knowingly and intentional, best evidenced by reviewing the insidious
navigation involved in “No-Path 756.” Defendant’s actions were not inadvertent, nor could they
be construed to be accidental:
• “[0111] Decision block 755, as previously described, tests whether the mobile
device browser 7 as shown in FIG. 1A, supports the setting and transmission of cookies to a
server. In this scenario, as signified by the NO path 756, either the client device 5 does not
43
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 44 of 76
support or has been configured not to allow persisting server browser cookies. Alternatively, the
carrier's Internet gateway may filter out device browser cookies to prevent them from being set
or passed to the Internet server. In which case, block 780 is invoked; signifying cookies cannot
E. Unauthorized Scan
108. Many Internet users are familiar with rogue anti-spyware applications that pop-up
on their screen after visiting a website only to automatically start a scan of your hardware, listing
a myriad of spyware infections within your computer, and offering the sale of an anti-spyware
109. Plaintiffs and Class Members did not authorize Defendants to perform a scan of
their mobile devices. Defendants actions were intentional, not inadvertent, with knowledge that
Plaintiffs and Class Members did not expressly consent to a scan of their mobile devices:
• “[0064]The script executing at the mobile device browser, 7 in the client device 5,
reads from inside the client device 5 additional unique device identification information, such as
the client device, clock and time zone settings, any unique device detection cookie values
previously set in the client device 5 accessible by the script, as well as information for the
version number of the mobile device browser 7 itself, to name a representative sample. These
values are appended to the unique device identification management system request Internet
URL address as keyword=value parameters. The script then dynamically inserts the direct unique
device identification request tags into the HTML code in content page 35, as symbolized by
block 58. Generally speaking, the mobile device browser 7 in response to executing the
dynamically inserted unique device identification request tags, issues a request for device
44
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 45 of 76
“RLD Real Time. Access to immediate, actionable data is what many mobile, online and
analytics platforms have been missing. Now, thanks to RLD Real Time™, powered by RLD
Media Stamp™, RLD Device Detector™ and RLD Context Extractor™, publishers, agencies
and analytics companies can plug into a rich body of data to mobilize their services in real time
— at a cost that is solely based on usage. Over 140 pieces of data can be captured by Real
Time™ such as the device attributes, its location, the applications it runs, what ad sizes and
formats can be displayed, and its carrier information. Media Stamp™ can also identify, map and
track which actions have or haven’t been taken in response to ads by unique users in real time
throughout multiple sessions. The RLD Context Extractor™ provides rich context profiles,
Ringleader Digital, “RLD Real Time™,” (last accessed October 15, 2010), online:
http://ringleaderdigital.com/our-solutions/rld-real-time.
111. Defendants objectives included, but was not limited to, obtaining a mobile device
“Fingerprint,” a practice of obtaining device information to perpetually identify the mobile
device as “indirect identification,” which can be linked to additional data elements to identify
112. The collection of data by Defendants was wholesale and all-encompassing. Data
passing through the users’ mobile devices was acquired by Defendants without discrimination as
to the kind, type, nature, or sensitivity of the data. Regardless of any representations to the
45
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 46 of 76
contrary—all data—whether sensitive, financial, personal, private, complete with all identifying
113. Plaintiffs and Class Members did not authorize Defendants to create databases
within their mobile devices. The databases used by Defendants did not exist prior to Plaintiffs
114. The use of Local Storage on mobile devices and emergence of advertisers using
local storage in combination with a Global Unique Identifier (“GUID’s”) was cited within the
W3C draft pertaining to “web storage.” “W3C,” a non-profit World Wide Web consortium
whose mission revolves around the development and standardization of web technologies. In an
attempt to standardize client-side storage, the Web Hypertext Application Technology Working
Group (WHATWG) came up with a well-structured client-side storage solution, which is part of
the HTML5 specifications approved by W3C; however such provided a “manifesto” for some in
There are a number of techniques that can be used to mitigate the risk of user
tracking:
46
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 47 of 76
possibility and enables them to delete data in all persistent storage features
simultaneously. [COOKIES]”
W3C Editor's Draft, “Web Storage” (last accessed September 30, 2010), online:
http://dev.w3.org/html5/webstorage/
115. In concept, HTML5 Local Storage is very similar to cookies. On a per origin
basis, there is a set of disk-persisted name/value pairs within the client web browser. Like
cookies, this data persists even after the user navigates away from the web site, close their
browser tab, or exit their browser, like cookies, this data can be transmitted to the remote web
server. Unlike all previous attempts at providing persistent local storage, it is implemented
natively in web browsers, so it is available even when third-party browser plugins are not.
116. HTML5 appeals to the mobile advertising industry as a substitute for traditional
cookies that do not function well on mobile devices. Like flash cookies, HTML5 cookies are not
stored in a browser “cookies” file, and again, like flash cookies, can be used to track users across
websites, but also have privacy implications. A study released by researchers at the University of
New York, Berkeley and other universities, submitted to the federal government for
consideration as part of a new policy on the use of tracking technologies, revealed the details of
“Of the top 100 websites, 31 had at least one overlap between a HTTP and Flash
cookie. For instance, a website might have an HTTP cookie labeled “uid” with a
long value such as 4a7082eb-775d6-d440f-dbf25. There were 41 such matches on
these 31 sites. Most Flash cookies with matching values were served by third-
party advertising networks. That is, upon a visit to a top 100 website, a third party
advertising network would set both a third party HTTP cookie and a third party
Flash cookie.”
Ashkan Soltani, Shannon Canty, Quentin Mayo, Lauren Thomas, Chris Jay Hoofnagle, “Flash
Cookies and Privacy” (10 August 2009), online:
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1446862.
117. Plaintiffs and Class Members were unable to access the Defendants database
located within their own mobile device, but could view the amount of storage used and available.
47
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 48 of 76
While tracking cookies are normally 4 KB, and Defendants claimed it stored only a tracking
cookie in the Plaintiffs and Class Members mobile device database, and tracking cookies should
be identical size to all Plaintiffs and Class Members, there were varying mobile device storage
limits used:
118. Databases may be used, and tables created, within a database only after direct
connection is made to the database. The Defendant knowingly and without authorization created
the databases, made the basis of this action. When a database is opened, an empty database is
automatically created if the database requested does not exist. Thus, the processes for opening
G. Media Stamp
119. Ringleader Digital’s “media stamp” technology, made the basis of this action, is
basically using some of the modern HTML5 capabilities of mobile browsers to perform the same
tasks as a traditional cookie, but out of sight of most users. Media Stamp, is not technically a
mobile cookie since it’s not browser based, is on the server side, thus it cannot be affected by
renders the cookies useless or unreliable for ad targeting), and preventing users from deleting
them.
120. Wireless carriers typically prevent outside firms from embedding such
information in mobile devices. "The carriers strip off third-party cookies," says Bob Walczak,
chief executive of Ringleader Digital. To get around the carriers, Ringleader Digital embeds its
48
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 49 of 76
digital stamp in servers rather than browsers, although mobile devices forbid the use of third
party software in Applications to collect and send Device Data to a third party for processing or
iFrame is created which loads code from the RLD website. This website determines if they've
seen you before and setup the right RLDGUID database (for the RLD domain) and then
communicates through iFrame message-passing to its parent (the AccuWeather website) that it
122. Once a user visits a RLD enabled mobile site a copy of the exact same data for
each site that uses their tracking shall be duplicated. This is so that it’s easier to re-spawn if one
or the others get damaged or deleted, but it also means that any script running on the Ringleader
Digital Affiliates, such as the AccuWeather domain, could grab your GUID.
123. The Web SQL Database spec is not involved since browsers won't implement it,
and the specification is dormant. All of the browsers support Local Storage. Each website creates
a local host entry that points back to the RLD tracker such as rld.accuweather.com. That's in the
AccuWeather domain so blocking the RLD domain won't limit this surveillance activity.
124. Software scripts get inserted through ad requests embedded in publisher content
that then execute inside or outside the device on a time sliced basis. The software scripts
delivered, execute in content pages for very limited time periods. Upon completion of the time
slice, the script is replaced with the actual requests for device identification services to an
49
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 50 of 76
125. The stamp or cookie, placed on Ringleader Digital Affiliates, captures user data
by tracking up to 100 "discriminators," such as a user's time zone, mobile browser and mobile
Web bookmarks. After weighing these factors, the stamp assigns each user a unique digital
descriptor. Because the technology lives on site servers, it will work on nearly all Web-enabled
phones, regardless of carrier. On information and belief, Plaintiffs and Class Members that used
their mobile devices and visited Ringleader Digital Affiliates sites had Defendants perform the
unauthorized tasks as noted within the United States Patent Application, 20100057843:
126. Subsequent content page navigation by the user, whether within a session or
during subsequent sessions, can be obtained directly from the local content cache. No additional
load over the network is required. If the cache is cleared, the process merely repeats to refresh
the scripts the next time a unique device identification management system request tag is
rendered.
50
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 51 of 76
127. Plaintiffs and Class Members who became aware of Defendants tracking device
embedded within their mobile device storage attempted various methods of deleting. The
database of both Defendants Ringleader and Defendant Ringleader Digital Affiliates only to have
128. Mobile phones are used for everything from banking and investing to shopping
and communicating with others through email or chat programs. Although online
communications may not be considered “top secret,” mobile users do not want third parties
reading their email, or examining personal information stored on their mobile devices (such as
Identifier (“GUID”) within their mobile device database, without their knowledge or consent.
129. Browser cookie controls and preference settings provide greater user privacy
control. The purpose of a browser privacy mode is to allow users to browse the Internet without
leaving data tracks. Browsers save visited websites in the browsing history, downloaded files in
the download history, search terms in the search history, and data typed into online registration
forms including cached version of such files. Cookie controls allow the user to decide which
cookies can be stored on their mobile devices and transmitted to websites, and using parental
controls to block specific content by adjusting the tabs located within the user’s browser.
Defendants business practices relied on the fact that Safari users could not turn off their
databases for the iPhone, iPod touch, or iPad, nor could users view the low-level details about
the data within their browsers, browser history, cookies, and cache that is currently stored;
moreover Safari’s mobile web browser do not include privacy features such as no “private
51
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 52 of 76
browsing,” which would have the ability to block or clear individual application cookies or
130. Safari is set by default to block all third-party cookies. If a user has not changed
those settings, this option effectively accomplishes the same thing as setting the opt-out cookie,
thus Defendant(s) use of the users database provided a “safe haven,” since users incorrectly
131. Cookie controls and user privacy preference settings provide user protection, but
the Defendant Ringleader responded with new technology to override user’s preferences on their
own mobile devices, and set identical code in the Plaintiffs and Class Members’ mobile devices
resulting in a uniform action to set redundant unique identifiers used to identify and track users.
132. Ringleader Digital's privacy page says that users can opt-out “for life” from the
company's tracking if they direct their mobile device's Web browser to
133. Ringleader’s opt-out mechanism was also flawed by those users that miraculously
could have figured out the association between Ringleader Digital Affiliates and Ringleader and
located the Ringleader opt-out page: “the opt-out will be effective for the life of the device unless
you install a new browser, or update your existing browser, in which case you will need to re-
implement the opt-out utility in order to maintain your opt-out status.” Users desiring that
Defendant Ringleader be denied any and all tracking of their mobile devices in any regard were
denied such option, in that, even if a user opted-out of Ringleader they would still be tracked but
not be sent targeted ads, thus provided no consideration for the user’s preferences.
52
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 53 of 76
134. Ringleader Digital’s opt-out system provides no way for a user to confirm that
their ID stored in the Safari database has been opted-out from tracking, including a recent
revision, and Ringleader Digital essentially says that the database must remain on the device if
you want to remain opted-out. Since deleting the database will mean that the servers can't
identify the opted-out user as the same device that they're not supposed to track.
135. Users trying to get rid of the database deleted the RLDGUID databases, cleared
cookies, and then went to the opt-out link, it did indeed eliminate the unique identifier that had
been tracking; however, it did not stop Ringleader Digital's partner sites from recreating the
136. “If you clear cookies or clear the database, it’s not opting-out,” Walczak said. “If
you opt-out with just the link, it will change the ID to an opt-out ID. On the back-end we set a
token on our system that says this ID is opted-out and we won’t send targeted advertising to that
device.” Ringleader claims that there are no best-practice guidelines for this type of technology
in the mobile space, but it also asserts that it does provide clear opt-out instructions. “There are
Association’s] standards committee and [we are] on the privacy committee to help to create
the Internet websites that they visit, using their Internet connection to transmit and receive
personal and private data, including but not limited to, personal emails, personal Internet
research and viewing, credit card information, banking information, personal identifiable
information such as social security number, date of birth, and medical information.
53
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 54 of 76
138. At all relevant times, Defendants’ advertising technology has contained secret
information-gathering capacities that were not disclosed to or known by Plaintiffs or the Class
and which permitted Defendants to surreptitiously, in an unauthorized manner, and for tortious
and unlawful purposes, intercept and access Plaintiffs’ and the Class Members’ personal and
private information, monitor their Internet activity, and create detailed personal profiles based on
such information.
139. At all relevant times, Plaintiffs and the Class, as part of their normal Internet
browsing and usage, visited websites that unbeknownst to them utilized and/or facilitated
tracking and profiling technology. Since they were doing so in the privacy of their own homes or
offices, and since Defendants did not display any warning or indication that they were collecting
or transmitting personal and private information to or from their computer systems, Plaintiffs and
the Class had a reasonable expectation of privacy as to the nature of their activity and the
142. Defendants’ business practice unfairly wrests control from users who choose to
delete any mobile device database and their cookies in order to avoid being tracked. Users who
are aware of this may delete their databases and cookies periodically, believing that the new
cookies and databases they receive will contain new unique identifiers, thus hindering the ability
54
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 55 of 76
of advertising networks to track their behavior across sites. Using databases to re-identify users
overrides this control, with little available redress for users. Although users may arguably protect
themselves by periodically deleting their cookies and databases as well, the means for doing so
are extremely obscure and difficult even for savvy consumers to use.
143. Defendants failed to disclose that its applied technologies also provide Defendants
with the ability to surreptitiously intercept, access, and collect electronic communications and
145. In all cases where some notice was provided, that notice was insufficient,
misleading, and inadequate. Consent under such circumstances was impossible.
146. In no case as alleged in this complaint, was adequate, informed notice provided to
any Class Members of the true nature and function of the Defendants service.
within the confines of the RLD affiliates privacy document, to set their security preferences.
148. In any case where the opportunity of ‘opting out’ of the Defendants service was
provided, such ‘opt-out’ rights were misleading, untrue, and deceptive.
149. In no case was the collection of all Internet communication data between the
consumer and the Internet halted or affected in any way. All data was still collected. The 'opt-out'
only affected what advertisements the consumer was shown. Thus, the provision of the
55
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 56 of 76
150. Plaintiffs and the Class Members did not voluntarily disclose their personal and
private information prior to the user opting-out of the Defendant’s tracking, let alone, after the
user opted-out, including their Internet surfing habits, to Defendants - and indeed never even
knew that Defendants existed or conducted data collection and monitoring activities upon and
across its Plaintiffs and Class Members’ websites. Plaintiffs and the Class Members provided
such information, and had their Internet habits monitored, without their knowledge or consent,
and would not have consented having their personal and private information, including their on-
151. Defendants did not obtain consent from Plaintiffs and Class Members for any
collection or use and was not allowed to decline consent at the time such statement was
152. Defendants did not obtain consent from Plaintiffs and Class Members for any
disclosure of covered information to unaffiliated parties and was not allowed to decline consent
153. Defendants intentionally accessed Plaintiffs and Class Members’ mobile devices
without authorization or exceeded authorized access to obtain information from a protected
154. Defendants sold, shared, and/or otherwise disclosed covered information of Class
Members to an unaffiliated party without first obtaining the consent of the Class Members to
155. At all relevant times, Plaintiffs and Class Members’ personal and private
information was intercepted by and/or accessed by Defendants and transmitted to it on a regular
basis, without alerting Internet users in any manner. As a result, Defendants were able to and did
56
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 57 of 76
access Plaintiffs’ and Class Members’ mobile devices and/or intercept their electronic
communications without authorization. Defendants have obtained, compiled, and used this
consent so as to profile such persons’ web browsing habits, secretly tracking Class Members’
activities on the Internet and collecting personal information about consumers; and profiting
from the use of the illegally obtained information, all to Defendants’ benefit and Class Members’
detriment.
Members.
private and sensitive information for Defendants’ own benefit without Plaintiffs’ or the Class’
knowledge, authorization, or consent. Such conduct constitutes a highly offensive and dangerous
159. Defendants used and consumed the resources of the Plaintiffs and Class
Members’ mobile devices and substantially increased their Internet bandwidth by gathering user
160. Defendants caused harm and damages to Plaintiffs and Class Members’ mobile
devices finite resources, depleted and exhausted its memory, thus causing an actual inability to
57
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 58 of 76
use it for its intended purposes, and significant unwanted CPU activity, usage, and network
161. Defendants caused harm and damages to the Plaintiffs and Class Members
including but not limited to, consumption of their device’s finite resources, memory depletion
which resulted in the actual inability to use if for its intended purposes.
162. Defendants’ downloads were not evident. Users assumed that the issues relate to
hardware, Windows installation problems, or viruses, and resorted to contacting technical
support experts, or even buying a new mobile device because the existing system mobile device
163. Class Members attempting to repair their own mobile device risked damaging
their system files. Badly infected systems required a clean reinstallation of all their software in
order to return to full functionality, with charges of a few hundred dollars to remove viruses and
spyware, and unauthorized cookies, if serviced in house, or on site such costs exceeded $40-$60
per hour.
164. Defendants harmed Plaintiffs and Class Members by its actions which included,
but not limited to the following:
discovered;
58
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 59 of 76
Plaintiffs and the Class - a course of action and a body of information that is protected from
166. Defendants used, interfered with, and intermeddled with Class Members’
ownership of their personal property, namely, their mobile devices, by, directly or indirectly,
secretly depositing cookies and databases on their mobile devices, secretly accessing their
mobile devices to obtain information contained in and enabled by the Global Unique Identifier,
and secretly collecting personal data and information regarding each Class Members’ Internet
167. Defendants Ringleader and Ringleader Digital Affiliates failed to disclose that its
software, tracks and stores information regarding consumers’ Internet use and other forms of
advertisements on consumers’ mobile devices based on such use. The installation of such
tracking device would be material to consumers in their decision whether to install the software
offered by Defendants. Defendants Ringleader and Ringleader Digital Affiliates furthered their
deceitful practices by storing the tracking files in locations on consumers’ mobile device that is
of this conduct is multiplied by the fact that Defendants aggregate this information about users'
habits across numerous websites and unjustly enriched Defendants to the severe detriment of
Plaintiffs and the Class. Plaintiffs and the Class have been harmed, as they have been subjected
to repeated and unauthorized invasions of their privacy - violations which continue to this day.
59
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 60 of 76
169. The vast majority of Internet users will continue to be tracked by dozens of
companies — companies they've never heard of, companies they have no relationship with,
companies they would never choose to trust with their most private thoughts and reading habits.
CLASS ALLEGATIONS
Allegations as to Class Certification
170. Pursuant to Federal Rule of Civil Procedure 23(a), (b)(1), (b)(2), and (b)(3),
Plaintiffs bring this action as a Class action, on behalf of themselves and all others similarly
a) U.S. Resident Class: All persons residing in the United States that accessed a
Ringleader Digital Affiliate website and Defendant set a Global Unique
Identifier (“GUID”) within the user’s mobile device’s database to back the
mobile device’s Identifier for purposes of restoring it later if deleted by the
user.
b) U.S. Minors Resident Class: All persons residing in the United States, are all
below the age of thirteen (13) years of age and all U.S. Minors Resident Class
are also members of the U.S. Resident class.
c) Injunctive Class: All persons after the date of the filing of this complaint,
residing in the United States, that accessed a Ringleader Digital Affiliate
website and Defendant set a Global Unique Identifier (“GUID”) within the
user’s mobile device’s database to back the mobile devices Identifier for
purposes of restoring it later if deleted by the user.
171. The Class action period, (the “Class Period”), pertains to the date, two years
preceding the date of this filing to the date of Class certification.
172. Plaintiffs reserve the right to revise this definition of the Class based on facts
learned in the course of litigation of this matter.
173. On behalf of the U.S. Resident and New York Resident Classes, Plaintiffs seek
equitable relief, damages and injunctive relief pursuant to:
60
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 61 of 76
174. On behalf of the Injunctive Class, Plaintiffs seek only injunctive relief.
proposed Class are Defendant, their officers, directors, agents, trustees, parents, children,
entities controlled by Defendant, and their heirs, successors, assigns, or other persons or entities
related to or affiliated with Defendant and/or their officers and/or directors, or any of them; the
Judge assigned to this action, and any member of the Judge’s immediate family.
176. Plaintiffs reserve the right to revise these Class definitions of the Classes based on
facts they learn during discovery.
177. Numerosity: The members of the Class are so numerous that their individual
joinder is impracticable. Plaintiffs are informed and believe, and on that basis allege, that the
proposed Class contains tens of thousands of members. The precise number of Class Members is
unknown to Plaintiffs. The true number of Class Members is known by Defendant, however and,
thus, Class Members may be notified of the pendency of this action by first Class mail, electronic
mail, and by published notice. Upon information and belief, Class Members can be identified by
Plaintiffs and the Class, which common questions predominate over any individual questions
61
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 62 of 76
affecting only individual members, the common questions of law and factual questions include,
62
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 63 of 76
practice of, intercepting, accessing, and manipulating, for its own benefit,
personal information, and tracking data from Plaintiffs’ and the Class’
personal mobile device via the ability to; (and practice of) implanting secret
“cookies” on their mobile device;
p) Whether Plaintiffs and members of the Class are entitled to declaratory and/or
injunctive relief to enjoin the unlawful conduct alleged herein; and
63
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 64 of 76
q) Whether Plaintiffs and members of the Class are entitled to punitive damages,
and, if so, in what amount.
179. Typicality: Plaintiffs’ claims are typical of the claims of the members of the
Class in that Plaintiffs and each member of the Class accessed a Ringleader Digital Affiliate
website and a cookie was set on their mobile device to use the storage within the mobile device
database to back up browser cookies for the purposes of restoring them later.
180. Adequacy of Representation: Plaintiffs will fairly and adequately protect the
interests of the members of the Class. Plaintiffs have retained counsel highly experienced in
complex consumer Class action litigation, and Plaintiffs intend to prosecute this action
181. Superiority: A Class action is superior to all other available means for the fair
and efficient adjudication of this controversy. The damages or other financial detriment suffered
by individual Class Members is relatively small compared to the burden and expense that would
be entailed by individual litigation of their claims against the Defendant. It would thus be
virtually impossible for the Class, on an individual basis, to obtain effective redress for the
wrongs done to them. Furthermore, even if Class Members could afford such individualized
litigation, the court system could not. Individualized litigation would create the danger of
inconsistent or contradictory judgments arising from the same set of facts. Individualized
litigation would also increase the delay and expense to all parties and the court system from the
issues raised by this action. By contrast, the Class action device provides the benefits of
supervision by a single court, and presents no unusual management difficulties under the
circumstances here.
64
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 65 of 76
183. The claims asserted herein are applicable to all persons throughout the United
States that accessed a Ringleader Digital Affiliate website and a cookie was set on their mobile
device to use the storage within the mobile device database to back up browser cookies for the
184. The claims asserted herein are based on Federal law and New York law, which is
applicable to all Class Members throughout the United States.
185. Adequate notice can be given to Class Members directly using information
maintained in Defendant’s records or through notice by publication.
Count I
Violation of the Computer Fraud and Abuse Act
18 U.S.C. § 1030 et seq.
187. Plaintiffs incorporate the above allegations by reference as if set forth herein at
length.
65
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 66 of 76
188. Plaintiffs assert this claim against each and every Defendant named herein in this
complaint on behalf of themselves and the Class.
189. The Computer Fraud and Abuse Act, 18 U.S.C. § 1030, referred to as “CFAA,”
regulates fraud and relates activity in connection with computers, and makes it unlawful to
information from such a protected computer, within the meaning of U.S.C. § 1030(a)(2)(C).
191. The Computer Fraud and Abuse Act, 18 U.S.C. § 1030(g), provides a civil cause
of action to “any person who suffers damage or loss by reason of a violation” of CFAA.
192. The Computer Fraud and Abuse Act, 18 U.S.C. § 1030(a)(5)(A)(i), makes it
unlawful to “knowingly cause[s] the transmission of a program, information, code, or command
protected computer,” of a loss to one or more persons during any one-year period aggregating at
66
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 67 of 76
collecting, and transmitting Plaintiffs’ viewing habits, Defendant intentionally caused damage
without authorization to those Plaintiffs’ computers by impairing the integrity of the computer.
conduct, recklessly caused damage to Plaintiffs and Class Members’ computers by impairing the
system or information.”
199. Plaintiffs have suffered loss by reason of these violations, as defined in 18 U.S.C.
§ 1030(e)(11), by the “reasonable cost ... including the cost of responding to an offense,
conducting a damage assessment, and restoring the data, program, system, or information to its
condition prior to the offense, and any revenue lost, cost incurred, or other consequential
200. Plaintiffs have suffered loss by reason of these violations, including, without
limitation, violation of the right of privacy, disclosure of personal identifying information,
67
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 68 of 76
201. As a result of these takings, Defendant’s conduct has caused a loss to one or more
persons during any one-year period aggregating at least $5,000 in value in real economic
damages.
202. Plaintiffs and Class Members have additionally suffered loss by reason of these
violations, including, without limitation, violation of the right of privacy.
Defendant will continue to commit such acts. Plaintiffs’ remedy at law is not adequate to
compensate it for these inflicted and threatened injuries, entitling Plaintiffs to remedies including
Count II
Violations of the Electronic Communications Privacy Act
18 U.S.C. §2510
204. Plaintiffs incorporate the above allegations by reference as if set forth herein at
length.
205. Plaintiffs assert this claim against each and every Defendant named herein in this
complaint on behalf of themselves and the Class.
interception of oral communications, and makes it unlawful for a person to “willfully intercept [],
endeavor [] to intercept, or procure [] any other person to intercept or endeavor to intercept, any
68
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 69 of 76
208. The contents of data transmissions from and to Plaintiffs' and Class Members'
personal computers constitute “electronic communications” within the meaning of 18 U.S.C.
§2510.
communications, knowing or having reason to know that the information was obtained through
reason to know that the information was obtained through the interception of Plaintiffs’
electronic communications.
69
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 70 of 76
215. Defendants unlawfully accessed and used, and voluntarily disclosed, the contents
of the intercepted communications to enhance their profitability and revenue through advertising.
This disclosure was not necessary for the operation of Defendants’ system or to protect
216. The Electronic Communications Privacy Act of 1986, 18 USC §2520(a) provides
a civil cause of action to “any person whose wire, oral, or electronic communication is
217. Defendants are liable directly and/or vicariously for this cause of action. Plaintiffs
therefore seek remedy as provided for by 18 U.S.C. §2520, including such preliminary and other
equitable or declaratory relief as may be appropriate, damages consistent with subsection (c) of
that section to be proven at trial, punitive damages to be proven at trial, and a reasonable
218. Plaintiffs and Class Members have additionally suffered loss by reason of these
violations, including, without limitation, violation of the right of privacy.
219. Plaintiffs and the Class, pursuant to 18 U.S.C. §2520, are entitled to preliminary,
equitable, and declaratory relief, in addition to statutory damages of the greater of $10,000 or
$100 a day for each day of violation, actual and punitive damages, reasonable attorneys’ fees,
and Defendants’ profits obtained from the above-described violations. Unless restrained and
enjoined, Defendants will continue to commit such acts. Plaintiffs’ remedy at law is not adequate
70
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 71 of 76
to compensate it for these inflicted and threatened injuries, entitling Plaintiffs to remedies
Count III
Violations of Section 349 of New York General Busines Law:
Deceptive Acts and Practices
220. Plaintiffs incorporate the foregoing allegations by reference.
221. Defendants’ actions alleged herein constitute unlawful, unfair, deceptive and
fraudulent business practices.
222. Defendants' conduct constitutes acts, uses and/or employment by Defendants
and/or their agents or employees of deception, fraud, unconscionable and unfair commercial
practices, false pretenses, false promises, misrepresentations, and/or the knowing concealment,
suppression, and/or omission of material facts with the intent that others rely upon such
concealment, suppression, or omission, in connection with the sale or advertisement of services,
and with the subsequent performance of services and transactions, in violation of section 349 of
New York's General Business Law.
223. Defendants’ acts and omissions were generally directed at the consuming public,
including accountholders.
224. The unfair and deceptive trade acts and practices of Defendants have directly,
foreseeably, directly and proximately caused damages and injury to Plaintiffs and the other
members of the Class.
225. Defendants' violations of section 349 of New York's General Business Law have
damaged Plaintiffs and the other Class members, and threaten additional injury if the violations
continue.
226. Defendants’ acts and omissions, including Defendants’ misrepresentations, have
caused harm to Class members in that Class members have suffered the loss of privacy through
the exposure of the personal and private information and evasion of privacy controls on their
devices.
227. Plaintiffs and the other members of the Class have no adequate remedy at law.
71
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 72 of 76
228. Plaintiffs, on his own behalf and on behalf of the Class members, seeks damages,
injunctive relief, including an order enjoining Defendants' § 349 violations alleged herein, and
court costs and attorneys' fees, pursuant to NY CLS Gen Bus § 349.
Count IV
Trespass to Personal Property / Chattels
229. Plaintiffs incorporate by reference and reallege all paragraphs previously alleged
herein.
230. The common law prohibits the intentional intermeddling with personal property,
including a mobile device, in possession of another that results in the deprivation of the use of
the personal property or impairment of the condition, quality, or usefulness of the personal
property.
231. By engaging in the acts alleged in this complaint without the authorization or
consent of Plaintiffs and Class Members, Defendant dispossessed Plaintiffs and Class Members
from use and/or access to their mobile devices, or parts of them. Further, these acts impaired the
use, value, and quality of Plaintiffs’ and Class Members’ mobile device. Defendant’s acts
constituted an intentional interference with the use and enjoyment of the computers. By the acts
described above, Defendants, has repeatedly and persistently engaged in trespass to personal
232. Without Plaintiffs’ and Class Members’ consent, or in excess of any consent
given, Defendant knowingly and intentionally accessed Plaintiffs’ and Class Members’ property,
thereby intermeddling with Plaintiffs’ and Class Members’ right to possession of the property
72
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 73 of 76
234. Defendant undertook the following actions with respect to Plaintiffs’ and Class
Members’ computer:
a) Defendant accessed and obtained control over the user’s mobile device;
b) Defendant caused the installation of a new code onto the hard drive of the
without notice or consent on the part of the owner of the mobile device, and
235. All these acts described above were acts in excess of any authority any user
granted when he or she visited the Ringleader Digital Affiliates’ websites and none of these acts
was in furtherance of users viewing the Ringleader Digital Affiliates websites. By engaging in
deception and misrepresentation, whatever authority or permission Plaintiffs and Class Members
236. Defendant’s installation and operation of its program used, interfered, and/or
intermeddled with Plaintiffs’ and Class Members’ mobile devices. Such use, interference and/or
intermeddling was without Class Members’ consent or, in the alternative, in excess of Plaintiffs’
238. Defendant’s installation and operation of its program impaired the condition and
value of Class Members’ mobile devices.
73
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 74 of 76
239. Defendant’s trespass to chattels, nuisance, and interference caused real and
substantial damage to Plaintiffs and Class Members.
property, Defendant has injured and impaired in the condition and value of Class Members'
computers, as follows:
WHEREFORE, Plaintiffs, on behalf of themselves and all others similarly situated, prays
for judgment against Defendant as follows:
A. Certify this case as a Class action on behalf of the Classes defined above, appoint
Plaintiffs as Class representatives, and appoint their counsel as Class counsel;
B. Declare that the actions of Defendant, as set out above, violate the following:
74
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 75 of 76
C. As applicable to the Classes mutatis mutandis, awarding injunctive and equitable relief
including, inter alia: (i) prohibiting Defendant from engaging in the acts alleged above;
(ii) requiring Defendant to disgorge all of its ill-gotten gains to Plaintiffs and the other
Class Members, or to whomever the Court deems appropriate; (iii) requiring Defendant
to delete all data surreptitiously or otherwise collected through the acts alleged above;
(iv) requiring Defendant to provide Plaintiffs and the other Class Members a means to
easily and permanently decline any participation in any data collection activities; (v)
awarding Plaintiffs and Class Members full restitution of all benefits wrongfully acquired
by Defendant by means of the wrongful conduct alleged herein; and (vi) ordering an
accounting and constructive trust imposed on the data, funds, or other assets obtained by
unlawful means as alleged above, to avoid dissipation, fraudulent transfers, and/or
concealment of such assets by Defendant;
D. Award damages, including statutory damages where applicable, to Plaintiffs and Class
Members in an amount to be determined at trial;
E. Award restitution against Defendant for all money to which Plaintiffs and the Classes are
entitled in equity;
F. Restrain Defendant, their officers, agents, servants, employees, and attorneys, and those
in active concert or participation with them from continued access, collection, and
transmission of Plaintiffs and Class Members’ personal information via preliminary and
permanent injunction;
H. For such other and further relief as this Court may deem just and proper.
75
Case 1:10-cv-08315-JGK Document 1 Filed 11/03/10 Page 76 of 76
Respectfully submitted,
Dated: November 3, 2010
Kamberlaw, LLC
By:
David A. Stampley
One of the attorneys for Plaintiffs, individually
and on behalf of a class of similarly situated
individuals
76